Neucron Smart Wallet offers developers a robust API for seamless integration, prioritizing both user security and developer convenience. OAuth 2.0 has become a standard protocol for authorization, allowing users to grant third-party applications limited access to their resources without exposing their credentials.
The Neucron API provides a robust implementation of OAuth 2.0, offering endpoints like '/oauth/authorize', '/oauth/permissions/grant', and '/oauth/token'. In this blog, we'll delve into the technical intricacies of these endpoints and how to facilitate secure authorization processes for your applications.
OAuth Authorization Endpoint: '/oauth/authorize'
The '/oauth/authorize' endpoint initiates the authorization process for your application. It acts as the gateway for users to grant access to their resources. This endpoint uses the HTTP POST method and employs Bearer Token Authentication for security.
To make a successful request, you need to provide specific parameters in the request body encoded as a JSON object. These include 'app_id', 'app_key', 'state', 'redirect_uri', and 'permissions'. The 'state' parameter serves as a Cross-Site Request Forgery (CSRF) protection mechanism.
Upon successful authorization, the endpoint responds with an authorization code and the user's unique identifier. Errors such as bad request (400), unauthorized (401) or internal server error (500) are returned with the corresponding status code and error details.
Example Usage of '/oauth/authorize' Endpoint
A typical request to the '/oauth/authorize' endpoint involves sending a POST request to Neucron API, including necessary parameters in the request body. Upon success, the response contains the authorization code and user ID, enabling your application to proceed with the authorization flow.
Code:
{
  "permissions": {
    "app_id": "YourAppID",
    "app_key": "YourAppKey",
    "state": "RandomString",
    "redirect_uri": "https://yourapp.com/oauth/permissions/callback",
    "permissions": "write_data,manage_notifications"
  }
}
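The 'state' value only protects against CSRF if it is unpredictable, tied to the user's session, and checked when the user returns to 'redirect_uri'. The following is an added example, not code from the Neucron API or its documentation: it builds the request body shown above with a fresh 'state' and verifies the value that comes back. The StateStore class, the session identifier, the 10-minute lifetime, and the assumption that 'state' is echoed back to the redirect URI (standard OAuth 2.0 behaviour) are all hypothetical.

```python
import hmac
import secrets
import time

STATE_TTL_SECONDS = 600  # assumed lifetime of a pending authorization


class StateStore:
    """Tracks one pending 'state' per user session (hypothetical helper).
    In-memory for the example; use the server-side session store in practice."""

    def __init__(self, now=time.time):
        self._pending = {}  # session_id -> (state, issued_at)
        self._now = now

    def issue(self, session_id):
        state = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        self._pending[session_id] = (state, self._now())
        return state

    def consume(self, session_id, returned_state):
        """True only for the unexpired state issued to this session."""
        # pop() makes the value single use: any attempt, valid or not,
        # invalidates it, so a replayed callback is rejected.
        entry = self._pending.pop(session_id, None)
        if entry is None or not isinstance(returned_state, str):
            return False
        state, issued_at = entry
        if self._now() - issued_at > STATE_TTL_SECONDS:
            return False
        # Constant-time comparison avoids leaking how many characters matched.
        return hmac.compare_digest(state.encode(), returned_state.encode())


def build_authorize_body(store, session_id, app_id, app_key,
                         redirect_uri, permissions):
    """Request body in the shape shown above, with a fresh per-session state."""
    return {
        "permissions": {
            "app_id": app_id,
            "app_key": app_key,
            "state": store.issue(session_id),
            "redirect_uri": redirect_uri,
            "permissions": ",".join(permissions),
        }
    }
```

Call consume() in the handler for 'redirect_uri' before doing anything with the returned authorization code, and discard the code if it returns False.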
OAuth Permissions Grant Endpoint: '/oauth/permissions/grant'
Sometimes, your application might need additional permissions from users beyond the initial authorization. The '/oauth/permissions/grant' endpoint facilitates this process. It uses the PATCH method and, like the authorization endpoint, Bearer Token Authentication.
The request body for this endpoint includes parameters such as 'app_id', 'app_key', 'state', 'redirect_uri', and 'permissions'. These parameters specify the additional permissions your app requires. The endpoint responds with success (200), bad request (400), unauthorized (401) or internal server error (500) messages based on the outcome of the permission grant process.
Example Usage of '/oauth/permissions/grant' Endpoint
To request additional permissions, you send a PATCH request to the '/oauth/permissions/grant' endpoint with the required parameters. Upon successful permission grant, your application receives a confirmation message, allowing it to proceed with enhanced capabilities.
Code:
PATCH /oauth/permissions/grant
Host: neucron.io
Authorization: Bearer YourAccessToken
Content-Type: application/json

{
  "permissions": {
    "app_id": "YourAppID",
    "app_key": "YourAppKey",
    "state": "RandomString",
    "redirect_uri": "https://yourapp.com/oauth/permissions/callback",
    "permissions": "write_data,manage_notifications"
  }
}
OAuth Token Endpoint: '/oauth/token'
The '/oauth/token' endpoint is crucial for obtaining an access token, which acts as a credential for accessing protected resources on behalf of the user. This endpoint operates via the HTTP POST method.
In the request body, you provide parameters such as 'auth_code', 'key_id', and 'key_secret', obtained from the authorization process. Upon successful validation, the endpoint returns the JWT access token, enabling your application to make authenticated requests.
Code:
{
  "token": {
    "auth_code": "AuthorizationCode",
    "key_id": "YourKeyID",
    "key_secret": "YourKeySecret"
  }
}
Mastering the OAuth 2.0 authorization flow with Neucron API involves understanding the intricacies of its key endpoints: '/oauth/authorize', '/oauth/permissions/grant', and '/oauth/token'. By effectively utilizing these endpoints and providing valid parameters, your application can securely obtain access tokens and access user resources with the appropriate permissions.
For further guidance or inquiries regarding specific schemas or error handling, always refer to the comprehensive Neucron API documentation.